In a recent investigation, a security researcher found a serious vulnerability in older versions of Firefox for Android. A flaw in the browser's handling of a local network discovery protocol allows an attacker on the same network to take control of the app on every vulnerable smartphone connected to it, forcing it to open malicious sites or pushing the installation of unwanted extensions.
The protocol is SSDP (Simple Service Discovery Protocol), a UDP multicast protocol that Firefox for Android used to find other devices on the network to which it could cast browser content. Chris Moberly, the Australian researcher responsible for the discovery, reported on Twitter that the flaw is no longer present in the current version, but warned that outdated installs of the app remain exposed.
Firefox periodically multicasts an SSDP search for such devices. Any device that answers includes a LOCATION header pointing to an XML file describing itself, which Firefox then fetches. According to the researcher, the problem is that Firefox did not check that this LOCATION value was a plain web address: it handed the value straight to Android as an intent. A reply whose LOCATION field carried an Android intent URI therefore made the browser execute that intent, and intents are exactly the mechanism Android uses to open a page or start an extension install.
Found a neat little Firefox for Android bug. Current version is not vulnerable, please make sure you are up to date. 🙂 https://t.co/p31XPGBsze pic.twitter.com/coG3tcMiAI
– initstring (@init_string) September 15, 2020
No access to the router is required: the attacker only needs to be on the same home or business network (for example, the same Wi-Fi) to reach every vulnerable phone connected to it. Because SSDP replies are neither authenticated nor checked against the original query, the attacker simply answers Firefox's discovery requests with crafted replies and can make the browser open pages or trigger extension installs without any user interaction.
The threat is made worse by its scope. Reaching every phone on a network from a single foothold can significantly impact company security and create headaches for users on a shared home network, an environment normally considered safe for handling bank passwords, documents and other sensitive data.
In a video, ESET researcher Lukas Stefanko demonstrated the impact by attacking three devices on the same network from a smartphone. Notice that in the demo it takes him only seconds to reach all vulnerable devices and interact with them remotely.
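To make the exchange concrete, here is an added example (not Firefox's code and not the researcher's tooling) that builds the SSDP M-SEARCH query a client multicasts, parses the unicast replies any host on the LAN may send back, and applies the check the vulnerable client lacked: LOCATION is accepted only when it is a plain http(s) URL, so a reply carrying an intent:// value is discarded. The two sample replies and the search target "ssdp:all" are constructed for the example, not captured traffic.

```python
"""SSDP discovery with a LOCATION scheme check.

Added example, not Firefox code. Any host on the LAN can answer an M-SEARCH,
and nothing in SSDP authenticates the sender, so every header is attacker
controlled and must be validated before use.
"""
import socket
from typing import Optional
from urllib.parse import urlsplit

SSDP_GROUP = "239.255.255.250"
SSDP_PORT = 1900


def build_msearch(search_target: str = "ssdp:all", mx: int = 2) -> bytes:
    """The multicast query a discovering client sends (HTTP over UDP)."""
    return (
        "M-SEARCH * HTTP/1.1\r\n"
        f"HOST: {SSDP_GROUP}:{SSDP_PORT}\r\n"
        'MAN: "ssdp:discover"\r\n'
        f"MX: {mx}\r\n"
        f"ST: {search_target}\r\n"
        "\r\n"
    ).encode("ascii")


def parse_ssdp_response(raw: bytes) -> dict:
    """Parse a reply into a dict of lower-cased header names to values.

    Returns an empty dict for anything that is not an HTTP/1.1 200 reply.
    """
    text = raw.decode("utf-8", errors="replace")
    head, _, _ = text.partition("\r\n\r\n")
    lines = head.split("\r\n")
    if not lines or not lines[0].startswith("HTTP/1.1 200"):
        return {}
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def safe_location(headers: dict) -> Optional[str]:
    """Return LOCATION only if it is an http(s) URL with a host, else None.

    This is the missing check: the vulnerable client passed the raw value to
    Android as an intent, so an intent:// URI here was executed as one.
    """
    loc = headers.get("location")
    if not loc:
        return None
    parts = urlsplit(loc)
    if parts.scheme.lower() not in ("http", "https") or not parts.hostname:
        return None
    return loc


def discover(timeout: float = 2.0) -> list:
    """Live discovery on the local network (not used by the samples below)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    sock.settimeout(timeout)
    sock.sendto(build_msearch(), (SSDP_GROUP, SSDP_PORT))
    found = []
    try:
        while True:
            data, addr = sock.recvfrom(4096)
            headers = parse_ssdp_response(data)
            headers["_from"] = addr[0]
            headers["_safe_location"] = safe_location(headers)
            found.append(headers)
    except socket.timeout:
        pass
    finally:
        sock.close()
    return found


# Constructed sample replies for the example (not captured traffic).
SAMPLE_BENIGN = (
    b"HTTP/1.1 200 OK\r\n"
    b"CACHE-CONTROL: max-age=1800\r\n"
    b"ST: upnp:rootdevice\r\n"
    b"USN: uuid:00000000-0000-0000-0000-000000000001::upnp:rootdevice\r\n"
    b"LOCATION: http://192.168.1.20:8060/\r\n"
    b"\r\n"
)

# A rogue host answers with an Android intent URI where a URL belongs.
SAMPLE_ROGUE = (
    b"HTTP/1.1 200 OK\r\n"
    b"ST: upnp:rootdevice\r\n"
    b"LOCATION: intent://example.test/#Intent;scheme=https;end\r\n"
    b"\r\n"
)

if __name__ == "__main__":
    for reply in (SAMPLE_BENIGN, SAMPLE_ROGUE):
        h = parse_ssdp_response(reply)
        print(h.get("location"), "->", safe_location(h))
```

Running the block prints the raw LOCATION beside the validated one for each sample: the benign URL passes, the intent URI becomes None. The scheme check is deliberately an allow-list rather than a block-list of "intent", because Android and other clients recognise further non-web schemes that would be just as dangerous to hand to the platform.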